Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.mft
File:                     OPp_x3GCjPs5cigk9_3z7cSzxSk.mft (raw, json)
Hash identifier:          WUyk6W0FTWh40e8PuykVMf6KdURwkoibvFFAXnpLy1k=
Subject key identifier:   44:6E:68:43:C0:6D:33:EC:CD:4D:FF:05:4C:44:9D:D7:BF:D1:0C:A8
Authority key identifier: 38:FA:7F:C7:71:82:8C:FB:39:72:28:24:F7:FD:F3:ED:C4:B3:C5:29
Certificate issuer:       /CN=38fa7fc771828cfb39722824f7fdf3edc4b3c529
Certificate serial:       0199FB45914B861ABDA038C0C5FBE9A54539
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OPp_x3GCjPs5cigk9_3z7cSzxSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.mft
Manifest number:          D7
Signing time:             Sun 19 Oct 2025 07:01:04 +0000
Manifest this update:     Sun 19 Oct 2025 07:01:04 +0000
Manifest next update:     Mon 20 Oct 2025 07:01:04 +0000
Files and hashes:         1: OPp_x3GCjPs5cigk9_3z7cSzxSk.crl (hash: uUqntF6E8GcDiHX4fipPRFcdpZJvUEOFTHArcoASUgw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OPp_x3GCjPs5cigk9_3z7cSzxSk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:45:91:4b:86:1a:bd:a0:38:c0:c5:fb:e9:a5:45:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38fa7fc771828cfb39722824f7fdf3edc4b3c529
        Validity
            Not Before: Oct 19 07:01:04 2025 GMT
            Not After : Oct 20 07:01:04 2025 GMT
        Subject: CN=446e6843c06d33eccd4dff054c449dd7bfd10ca8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:b4:c7:74:51:aa:59:a2:12:a3:ab:b9:eb:f0:
                    d3:08:3a:d7:62:1a:ab:ad:2b:c4:39:de:84:e1:e6:
                    b2:cb:f2:cb:52:be:74:02:a7:d1:95:4b:7b:be:3c:
                    cc:64:43:1d:c8:d0:f9:aa:75:a0:66:a6:42:9c:5e:
                    ba:37:38:fd:19:1f:18:ea:06:ce:c4:a2:f4:f8:93:
                    02:ff:4a:29:25:74:50:1a:2d:03:24:f3:8e:12:0e:
                    98:f6:54:a3:84:75:c9:ac:a0:f6:e7:51:9a:6c:f2:
                    83:72:32:4a:b8:b3:9d:d4:3d:b9:a6:c6:ea:70:bf:
                    c8:12:37:de:41:6e:28:1c:88:0e:10:3a:e3:ed:98:
                    cf:43:35:88:98:c4:07:30:83:14:ac:6b:25:04:da:
                    58:2b:af:00:d3:2b:db:ec:38:af:ad:47:ad:76:9c:
                    19:18:18:4f:61:31:46:81:ce:d3:c6:b7:7d:28:5e:
                    92:58:d1:fd:64:38:63:fc:86:75:19:e1:9c:8d:df:
                    82:ca:4e:ff:1b:28:e4:33:99:35:de:66:3a:9e:8e:
                    45:4c:b6:8e:e3:87:9b:f7:58:e9:e1:02:71:4f:ab:
                    93:9e:b6:d0:2c:9b:ae:0e:22:d6:56:af:9d:e2:f2:
                    6d:10:51:a2:5b:90:70:e3:df:23:c3:41:9a:49:70:
                    dc:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:6E:68:43:C0:6D:33:EC:CD:4D:FF:05:4C:44:9D:D7:BF:D1:0C:A8
            X509v3 Authority Key Identifier:
                keyid:38:FA:7F:C7:71:82:8C:FB:39:72:28:24:F7:FD:F3:ED:C4:B3:C5:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPp_x3GCjPs5cigk9_3z7cSzxSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/951a33-f840-4aac-9556-1297782755fd/1/OPp_x3GCjPs5cigk9_3z7cSzxSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:96:09:d2:d4:ff:26:d5:a9:d5:5f:6a:bb:6a:cb:eb:d2:1b:
         5d:68:43:38:b9:87:b6:cf:69:1a:18:19:c2:d7:5b:d6:d4:5a:
         fc:aa:93:37:27:fa:29:22:51:73:85:ec:aa:d3:79:ae:05:54:
         09:e9:a2:13:b4:49:b1:7d:4c:52:c1:ce:cb:a4:03:26:d0:7f:
         34:b7:dd:57:8e:26:d9:df:c7:22:51:57:35:97:70:d2:a4:02:
         f8:df:f1:5d:47:be:b9:8c:bc:4d:ff:b9:2a:c3:2c:7a:b6:d0:
         5a:ed:40:62:5f:86:98:ee:a0:f4:e0:6f:fc:fa:88:25:11:83:
         42:4c:71:ba:a6:c2:c4:9d:cf:8a:1d:a0:f2:8c:c9:51:31:e9:
         48:86:bd:2e:2c:e3:2d:ad:0c:35:4c:c2:58:00:9d:2c:a2:e2:
         41:5f:ac:52:ce:1f:36:17:78:da:b0:30:26:16:39:c3:c1:a4:
         43:ff:bd:cd:93:47:82:18:83:b8:4b:87:99:ed:57:b3:69:53:
         35:99:a3:cb:46:0b:b2:7a:ca:c0:f8:4d:ec:0d:ce:da:e6:5e:
         7e:46:fc:26:07:19:7f:80:b4:54:a4:1f:a4:4e:88:ae:47:59:
         ab:73:fd:0a:b1:a5:6d:cd:c8:1a:72:ec:90:7b:62:3e:ca:3d:
         4f:4c:4a:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7RZFLhhq9oDjAxfvppUU5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZmE3ZmM3NzE4MjhjZmIzOTcyMjgyNGY3ZmRmM2VkYzRi
M2M1MjkwHhcNMjUxMDE5MDcwMTA0WhcNMjUxMDIwMDcwMTA0WjAzMTEwLwYDVQQD
Eyg0NDZlNjg0M2MwNmQzM2VjY2Q0ZGZmMDU0YzQ0OWRkN2JmZDEwY2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LTHdFGqWaISo6u56/DTCDrXYhqr
rSvEOd6E4eayy/LLUr50AqfRlUt7vjzMZEMdyND5qnWgZqZCnF66Nzj9GR8Y6gbO
xKL0+JMC/0opJXRQGi0DJPOOEg6Y9lSjhHXJrKD251GabPKDcjJKuLOd1D25psbq
cL/IEjfeQW4oHIgOEDrj7ZjPQzWImMQHMIMUrGslBNpYK68A0yvb7DivrUetdpwZ
GBhPYTFGgc7Txrd9KF6SWNH9ZDhj/IZ1GeGcjd+Cyk7/GyjkM5k13mY6no5FTLaO
44eb91jp4QJxT6uTnrbQLJuuDiLWVq+d4vJtEFGiW5Bw498jw0GaSXDcowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFERuaEPAbTPszU3/BUxEnde/0QyoMB8GA1UdIwQY
MBaAFDj6f8dxgoz7OXIoJPf98+3Es8UpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1BwX3gzR0NqUHM1Y2lnazlfM3o3Y1N6eFNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85NTFhMzMtZjg0MC00YWFjLTk1NTYt
MTI5Nzc4Mjc1NWZkLzEvT1BwX3gzR0NqUHM1Y2lnazlfM3o3Y1N6eFNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85NTFhMzMtZjg0MC00YWFjLTk1NTYtMTI5Nzc4Mjc1NWZk
LzEvT1BwX3gzR0NqUHM1Y2lnazlfM3o3Y1N6eFNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJZYJ0tT/
JtWp1V9qu2rL69IbXWhDOLmHts9pGhgZwtdb1tRa/KqTNyf6KSJRc4XsqtN5rgVU
CemiE7RJsX1MUsHOy6QDJtB/NLfdV44m2d/HIlFXNZdw0qQC+N/xXUe+uYy8Tf+5
KsMserbQWu1AYl+GmO6g9OBv/PqIJRGDQkxxuqbCxJ3Pih2g8ozJUTHpSIa9Lizj
La0MNUzCWACdLKLiQV+sUs4fNhd42rAwJhY5w8GkQ/+9zZNHghiDuEuHme1Xs2lT
NZmjy0YLsnrKwPhN7A3O2uZefkb8JgcZf4C0VKQfpE6IrkdZq3P9CrGlbc3IGnLs
kHtiPso9T0xKIg==
-----END CERTIFICATE-----